December 9

WEBINAR TAKEAWAY: When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

0  comments

file

MY KEY TAKEAWAYS

  • already 20 years ago, Kevin Mitnick testified before US Senate and highlighted social engineering and the need for training. Still today changing human behaviour is most times the weakest point.
  • threat actors have almost unlimited time to do extensive research before an attack, so they are extremly good at buidling the trust factor
  • Kevin recommends: trust your gut! If it sounds too good to be true, it possibly is.
  • A crafty attacker tries to push the victim into system 1 thinking. To force yourself to remain in system 2, is a very effective defense mechanism against social engineering.
  • While Trump was in hospital with COVID19, it created an information vaccum = working phish bait
  • Common phishing tactic: link to trusted sources like Google Docs or O365. Document might contain hyperlink to malware.
  • Having a good and tested(!) desaster recovery plan is cruicial with more and more ransomware attacks

Demo time

ENV


Tags

awareness training, phishing, social engineering


You may also like

Why your security team needs more than just tech skills

Why your security team needs more than just tech skills

Webinar takeaway – Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse

Webinar takeaway – Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}